{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T12:34:13Z","timestamp":1725539653559},"publisher-location":"Berlin, Heidelberg","reference-count":61,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642102479"},{"type":"electronic","value":"9783642102486"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-10248-6_3","type":"book-chapter","created":{"date-parts":[[2009,10,27]],"date-time":"2009-10-27T09:18:40Z","timestamp":1256635120000},"page":"49-75","source":"Crossref","is-referenced-by-count":0,"title":["Architecting Dependable Access Control Systems for Multi-domain Computing Environments"],"prefix":"10.1007","author":[{"given":"Maciej P.","family":"Machulak","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Simon E.","family":"Parkin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Aad","family":"van Moorsel","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"3_CR1","unstructured":"XML Encryption Syntax and Processing (December 2002), http:\/\/www.w3.org\/TR\/xmlenc-core\/"},{"key":"3_CR2","unstructured":"Web Services Architecture (Febuary 2004), http:\/\/www.w3.org\/TR\/ws-arch\/"},{"key":"3_CR3","unstructured":"OASIS eXtensible Access Control Markup Language (XACML). Version 2.0 (2005), http:\/\/www.oasis-open.org\/committees\/xacml\/"},{"key":"3_CR4","unstructured":"SAML 2.0 profile of XACML v2.0 (February 2005), http:\/\/www.oasis-open.org\/committees\/xacml\/"},{"key":"3_CR5","unstructured":"OASIS Reference Model for Service Oriented Architecture. Version 1.0 (October 2006), http:\/\/docs.oasis-open.org\/soa-rm\/v1.0\/soa-rm.pdf"},{"key":"3_CR6","unstructured":"OASIS Security Assertion Markup Language (SAML). Version 2.0 (2007), http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-core-2.0-os.pdf"},{"key":"3_CR7","unstructured":"Security Policy Assertion Language SecPAL. Version 2.0 (2007), http:\/\/research.microsoft.com\/projects\/SecPAL\/"},{"key":"3_CR8","unstructured":"SOAP. Technical report, W3C, Version 1.2 (April 2007)"},{"key":"3_CR9","unstructured":"Web Services Profile of XACML (WS-XACML). Version 1.0 (2007), http:\/\/www.oasis-open.org\/committees\/xacml\/"},{"key":"3_CR10","unstructured":"XACML 2.0 Interop Scenarios Working Draft. Version 0.12 (June 2007), http:\/\/www.oasis-open.org\/committees\/download.php\/24475\/xacml-2.0-core-interop-draft-12-04.doc"},{"key":"3_CR11","unstructured":"Cross-Enterprise Security and Privacy Authorization (XSPA) Profile of XACML v2.0 for Healthcare. Committee Draft (2008), http:\/\/www.oasis-open.org\/committees\/xacml\/"},{"key":"3_CR12","unstructured":"XACML 2.0 RSA 2008 Interop Scenarios Working Draft. Version 0.12 (April 2008), http:\/\/www.oasis-open.org\/committees\/download.php\/28030\/XACML-20-RSA-Interop-Documents-V-01.zip"},{"key":"3_CR13","unstructured":"XACML v3.0 Administration and Delegation Profile. Version 1.0 (2008), http:\/\/www.oasis-open.org\/committees\/xacml\/"},{"key":"3_CR14","unstructured":"XML Signature Syntax and Processing (June 2008), http:\/\/www.w3.org\/TR\/xmldsig-core\/"},{"key":"3_CR15","doi-asserted-by":"crossref","unstructured":"Alfieri, R., Cecchini, R., Ciaschini, V., Dellagnello, L., Frohner, \u00c1., Gianoli, A., Orentey, K.L., Spataro, F.: VOMS, an Authorization System for Virtual Organizations, pp. 33\u201340 (2004)","DOI":"10.1007\/978-3-540-24689-3_5"},{"key":"3_CR16","volume-title":"Web Services - Concepts, Architectures and Applications","author":"G. Alonso","year":"2003","unstructured":"Alonso, G., Casati, F., Kuno, H., Machiraju, V.: Web Services - Concepts, Architectures and Applications, November 2003. Springer, Heidelberg (2003)"},{"key":"3_CR17","doi-asserted-by":"crossref","unstructured":"Ardagna, C.A., Damiani, E., di Vimercati, S.D.C., Samarati, P.: A Web Service Architecture for Enforcing Access Control Policies. In: Proceedings of the First International Workshop on Views on Designing Complex Architectures (VODCA 2004). Electronic Notes in Theoretical Computer Science, vol.\u00a0142, pp. 47\u201362 (2006)","DOI":"10.1016\/j.entcs.2004.09.044"},{"key":"3_CR18","unstructured":"Barton, T., Basney, J., Freeman, T., Scavo, T., Siebenlist, F., Welch, V., Ananthakrishnan, R., Baker, B., Goode, M., Keahey, K.: Identity federation and attribute-based authorization through the globus toolkit. In: Shibboleth, GridShib, and MyProxy. In Proceedings of the 5th Annual PKI R&D Workshop (2005)"},{"key":"3_CR19","volume-title":"Access Control Systems: Security, Identity Management and Trust Models","author":"M. Benantar","year":"2005","unstructured":"Benantar, M.: Access Control Systems: Security, Identity Management and Trust Models. Springer, Secaucus (2005)"},{"key":"3_CR20","doi-asserted-by":"publisher","first-page":"57","DOI":"10.1145\/373256.373264","volume-title":"SACMAT 2001: Proceedings of the sixth ACM symposium on Access control models and technologies","author":"E. Bertino","year":"2001","unstructured":"Bertino, E., Castano, S., Ferrari, E.: On specifying security policies for web documents with an xml-based language. In: SACMAT 2001: Proceedings of the sixth ACM symposium on Access control models and technologies, pp. 57\u201365. ACM, New York (2001)"},{"issue":"2","key":"3_CR21","doi-asserted-by":"publisher","first-page":"187","DOI":"10.1145\/1065545.1065547","volume":"8","author":"R. Bhatti","year":"2005","unstructured":"Bhatti, R., Ghafoor, A., Bertino, E., Joshi, J.B.D.: X-GTRBAC: an XML-based policy specification framework and architecture for enterprise-wide access control. ACM Trans. Inf. Syst. Secur.\u00a08(2), 187\u2013227 (2005)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"3_CR22","doi-asserted-by":"crossref","unstructured":"Brewer, D.F.C., Nash, M.J.: The Chinese wall security policy. In: Proceedings of the 1989 IEEE Symposium on Security and Privacy, pp. 206\u2013214 (1989)","DOI":"10.1109\/SECPRI.1989.36295"},{"key":"3_CR23","unstructured":"British Standards Institution. BS ISO\/IEC 27001:2005 - Information technology - Security techniques - Information security management systems - Requirements (2005)"},{"key":"3_CR24","unstructured":"British Standards Institution. BS ISO\/IEC 27002:2005 - Information technology - Security techniques - Code of practice for information security management (2005)"},{"key":"3_CR25","volume-title":"Grid Computing Security","author":"A. Chakrabarti","year":"2007","unstructured":"Chakrabarti, A.: Grid Computing Security. Springer, Heidelberg (2007)"},{"key":"3_CR26","unstructured":"Christensen, E., Curbera, F., Meredith, G., Weerawarana, S.: Web Service Definition Language (WSDL). Technical report (March 2001)"},{"key":"3_CR27","doi-asserted-by":"crossref","unstructured":"de Laat, C., Gross, G., Gommans, L., Vollbrecht, J., Spence, D.: Generic AAA Architecture. RFC\u00a02903 (August 2000)","DOI":"10.17487\/rfc2903"},{"key":"3_CR28","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1462704.1462709","volume-title":"MGC 2008: Proceedings of the 6th international workshop on Middleware for grid computing","author":"Y. Demchenko","year":"2008","unstructured":"Demchenko, Y., Koeroo, O., de Laat, C., Sagehaug, H.: Extending XACML authorisation model to support policy obligations handling in distributed application. In: MGC 2008: Proceedings of the 6th international workshop on Middleware for grid computing, pp. 1\u20136. ACM, New York (2008)"},{"key":"3_CR29","doi-asserted-by":"crossref","unstructured":"Dhankhar, V., Kaushik, S., Wijesekera, D.: XACML Policies for Exclusive Resource Usage, pp. 275\u2013290 (2007)","DOI":"10.1007\/978-3-540-73538-0_20"},{"key":"3_CR30","doi-asserted-by":"crossref","unstructured":"Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard) (August 2008)","DOI":"10.17487\/rfc5246"},{"key":"3_CR31","first-page":"497","volume-title":"AINAW 2007: Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops","author":"F.W. Dillema","year":"2007","unstructured":"Dillema, F.W., Lupetti, S., Stabell-Kulo, T.: A decentralized authorization architecture. In: AINAW 2007: Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops, Washington, DC, USA, pp. 497\u2013504. IEEE Computer Society, Los Alamitos (2007)"},{"key":"3_CR32","volume-title":"Service-Oriented Architecture: Concepts, Technology, and Design","author":"T. Erl","year":"2005","unstructured":"Erl, T.: Service-Oriented Architecture: Concepts, Technology, and Design. Prentice Hall PTR, Upper Saddle River (2005)"},{"key":"3_CR33","volume-title":"Role-Based Access Control","author":"D.F. Ferraiolo","year":"2007","unstructured":"Ferraiolo, D.F., Kuhn, R.D., Chandramouli, R.: Role-Based Access Control, 2nd edn. Artech House, Inc., Norwood (2007)","edition":"2"},{"key":"3_CR34","doi-asserted-by":"publisher","first-page":"2001","DOI":"10.1177\/109434200101500302","volume":"15","author":"I. Foster","year":"2001","unstructured":"Foster, I., Kesselman, C., Tuecke, S.: The anatomy of the grid: Enabling scalable virtual organizations. International Journal of Supercomputer Applications\u00a015 (2001)","journal-title":"International Journal of Supercomputer Applications"},{"key":"3_CR35","unstructured":"Freier, A.O., Karlton, P., Kocher, P.C.: The SSL Protocol. Internet Draft 302, Version 3.0 (November 1996)"},{"key":"3_CR36","first-page":"16","volume":"7","author":"R. Gupta","year":"2007","unstructured":"Gupta, R.: Security in a SOA. SOA World Magazine\u00a07, 16\u201318 (2007)","journal-title":"SOA World Magazine"},{"key":"3_CR37","first-page":"149","volume-title":"CSF 2008: Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium","author":"G. Yuri","year":"2008","unstructured":"Yuri, G., Itay, N.: Dkal: Distributed-knowledge authorization language. In: CSF 2008: Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium, Washington, DC, USA, pp. 149\u2013162. IEEE Computer Society, Los Alamitos (2008)"},{"issue":"2","key":"3_CR38","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1109\/2.901169","volume":"34","author":"J. Joshi","year":"2001","unstructured":"Joshi, J., Ghafoor, A., Aref, W.G., Spafford, E.H.: Digital Government Security Infrastructure Design Challenges. Computer\u00a034(2), 66\u201372 (2001)","journal-title":"Computer"},{"issue":"6","key":"3_CR39","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1109\/MIC.2004.53","volume":"8","author":"J.B.D. Joshi","year":"2004","unstructured":"Joshi, J.B.D.: Access-control language for multidomain environments. Internet Computing, IEEE\u00a08(6), 40\u201350 (2004)","journal-title":"Internet Computing, IEEE"},{"issue":"5","key":"3_CR40","doi-asserted-by":"publisher","first-page":"689","DOI":"10.1016\/j.jss.2005.08.006","volume":"79","author":"M.B. Juric","year":"2006","unstructured":"Juric, M.B., Rozman, I., Brumen, B., Colnaric, M., Hericko, M.: Comparison of performance of Web services, WS-Security, RMI, and RMI-SSL. Journal of Systems and Software (Quality Software)\u00a079(5), 689\u2013700 (2006)","journal-title":"Journal of Systems and Software, (Quality Software)"},{"key":"3_CR41","doi-asserted-by":"crossref","unstructured":"Kamoda, H., Yamaoka, M., Matsuda, S., Broda, K., Sloman, M.: Policy conflict analysis using free variable tableaux for access control in web services environments. In: Policy Management for the Web (2005)","DOI":"10.2197\/ipsjdc.2.207"},{"key":"3_CR42","unstructured":"Kanneganti, R., Chodavarapu, P.: SOA Security. Manning Publications (January 2008)"},{"key":"3_CR43","unstructured":"Keleta, Y., Coetzee, M., Eloff, J.H.P., Venter, H.S.: Proposing a Secure XACML architecture ensuring privacy and trust. In: ISSA: Information Security South Africa, Sandton, South Africa (2005)"},{"key":"3_CR44","doi-asserted-by":"crossref","unstructured":"Kerschbaum, F., Robinson, P.: Security architecture for virtual organizations of business web services. Journal of Systems Architecture (in Press) (Corrected Proof) (2008)","DOI":"10.1016\/j.sysarc.2008.10.001"},{"key":"3_CR45","first-page":"311","volume-title":"Trust Management II, IFIP International Federation for Information Processing","author":"A.J. Lee","year":"2008","unstructured":"Lee, A.J., Winslett, M.: Towards Standards-Compliant Trust Negotiation for Web Services. In: Trust Management II, IFIP International Federation for Information Processing, vol.\u00a0263, pp. 311\u2013326. Springer, Boston (2008)"},{"key":"3_CR46","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1145\/1133058.1133066","volume-title":"SACMAT 2006: Proceedings of the eleventh ACM symposium on Access control models and technologies","author":"A.J. Lee","year":"2006","unstructured":"Lee, A.J., Winslett, M., Basney, J., Von Welch: Traust: a trust negotiation-based authorization service for open systems. In: SACMAT 2006: Proceedings of the eleventh ACM symposium on Access control models and technologies, pp. 39\u201348. ACM, New York (2006)"},{"key":"3_CR47","first-page":"33","volume-title":"CollaborateCom","author":"H.K. Lee","year":"2007","unstructured":"Lee, H.K.: Unraveling decentralized authorization for multi-domain collaborations. In: CollaborateCom, pp. 33\u201340. IEEE, Los Alamitos (2007)"},{"key":"3_CR48","doi-asserted-by":"publisher","first-page":"472","DOI":"10.1109\/CISW.2007.4425536","volume-title":"CISW 2007: Proceedings of the, International Conference on Computational Intelligence and Security Workshops","author":"M. Liu","year":"2007","unstructured":"Liu, M., Zhang, W., Liu, H.-L.: Specification of access control policies for web services. In: CISW 2007: Proceedings of the, International Conference on Computational Intelligence and Security Workshops, Washington, DC, USA, pp. 472\u2013475. IEEE Computer Society, Los Alamitos (2007)"},{"key":"3_CR49","unstructured":"Lorch, M., Cowles, B., Baker, R., Gommans, L., Madsen, P., McNab, A., Ramarkrishnan, L., Sankar, K., Skow, D., Thompson, M.: GFD.38 Conceptual grid authorization framework and classification (2004)"},{"key":"3_CR50","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1145\/968559.968563","volume-title":"XMLSEC 2003: Proceedings of the 2003 ACM workshop on XML security","author":"M. Lorch","year":"2003","unstructured":"Lorch, M., Proctor, S., Lepro, R., Kafura, D., Shah, S.: First experiences using xacml for access control in distributed systems. In: XMLSEC 2003: Proceedings of the 2003 ACM workshop on XML security, pp. 25\u201337. ACM, New York (2003)"},{"issue":"6","key":"3_CR51","doi-asserted-by":"publisher","first-page":"852","DOI":"10.1109\/32.824414","volume":"25","author":"E.C. Lupu","year":"1999","unstructured":"Lupu, E.C., Sloman, M.: Conflicts in policy-based distributed systems management. IEEE Transactions on Software Engineering\u00a025(6), 852\u2013869 (1999)","journal-title":"IEEE Transactions on Software Engineering"},{"key":"3_CR52","unstructured":"Michiels, E.F. (ed.): ISO\/IEC 10181-3:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Access control framework. ISO\/IEC, Geneva, int. standard edition (1996)"},{"issue":"4","key":"3_CR53","doi-asserted-by":"publisher","first-page":"96","DOI":"10.1109\/MC.2003.1193234","volume":"36","author":"M. Naedele","year":"2003","unstructured":"Naedele, M.: Standards for xml and web services security. Computer\u00a036(4), 96\u201398 (2003)","journal-title":"Computer"},{"key":"3_CR54","first-page":"50","volume-title":"POLICY 2002: Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY 2002)","author":"L. Pearlman","year":"2002","unstructured":"Pearlman, L., Welch, V., Foster, I., Kesselman, C., Tuecke, S.: A community authorization service for group collaboration. In: POLICY 2002: Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY 2002), Washington, DC, USA, p. 50. IEEE Computer Society, Los Alamitos (2002)"},{"key":"3_CR55","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1007\/3-540-45608-2_3","volume-title":"Foundations of Security Analysis and Design","author":"P. Samarati","year":"2001","unstructured":"Samarati, P., di Vimercati, S.D.C.: Access control: Policies, models, and mechanisms. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol.\u00a02171, pp. 137\u2013196. Springer, Heidelberg (2001)"},{"issue":"2","key":"3_CR56","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1109\/2.485845","volume":"29","author":"R.S. Sandhu","year":"1996","unstructured":"Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer\u00a029(2), 38\u201347 (1996)","journal-title":"Computer"},{"key":"3_CR57","unstructured":"Smith, K.: SOA Access Control Policy Management. Approaches, Common Pitfalls, and Best Practices. Version 2.0 (October 2006), http:\/\/soa.sys-con.com\/node\/284576"},{"key":"3_CR58","unstructured":"The Stationery Office Limited. Data Protection Act 1998 (1998)"},{"key":"3_CR59","doi-asserted-by":"crossref","unstructured":"Vollbrecht, J., Calhoun, P., Farrell, S., Gommans, L., Gross, G., de Bruijn, B., de Laat, C., Holdrege, M., Spence, D.: AAA Authorization Framework. RFC 2904 (Informational) (August 2000)","DOI":"10.17487\/rfc2904"},{"key":"3_CR60","first-page":"88","volume-title":"DARPA Information Survivability Conference and Exposition","author":"W.H. Winsborough","year":"2000","unstructured":"Winsborough, W.H., Seamons, K.E., Jones, V.E.: Automated trust negotiation. In: DARPA Information Survivability Conference and Exposition, vol.\u00a0I, pp. 88\u2013102. IEEE Press, Los Alamitos (2000)"},{"key":"3_CR61","unstructured":"Woo, T.Y.C., Lam, S.S.: Designing a distributed authorization service. Technical report, Austin, TX, USA (1993)"}],"container-title":["Lecture Notes in Computer Science","Architecting Dependable Systems VI"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-10248-6_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,5,27]],"date-time":"2023-05-27T09:01:08Z","timestamp":1685178068000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-10248-6_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642102479","9783642102486"],"references-count":61,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-10248-6_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2009]]}}}